I use UnboundID for the authentication against Active Directory. I have same error code when I authenticate with the wrong password and when the user is configured with “user must change password at next logon”. “wrong password” exception:
LDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece
“user must change password at next logon” exception:
LDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 773, vece
The only difference is the value of word data in the exception message. I do not want to rely on the message. How to distinguish between “user must change password at next logon” and “wrong password” use cases?